[linuxkernelnewbies] FWN/Issue162 - FedoraProject

Fri, 20 Feb 2009 17:44:09 -0800

http://fedoraproject.org/wiki/FWN/Issue162

Fedora 10 Security Advisories

Fedora 9 Security Advisories


Virtualization

In this section, we cover discussion on the @et-mgmnt-tools-list, @fedora-xen-list, and @libvirt-list of Fedora virtualization technologies.

Contributing Writer: Dale Bewley

Enterprise Management Tools List

This section contains the discussion happening on the et-mgmt-tools list

virt-manager and QEmu Disk Polling Logs

Radek Hladik noticed[1] "when image:Echo-package-16px.pngvirt-manager is running and polling VMs stats image:Echo-package-16px.pnglibvirt log in /var/log/libivrt/qemu/vmname is filling with messages" on the number of disk operations. After a day the log had grown to 100MB.

Daniel P. Berrange accepted[2] on behalf of libvirt and Cole Robinson described[3] how to turn of disk polling in virt-manager.

  1. http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00019.html
  2. http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00021.html
  3. http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00020.html

virt-viewer Persistance Through Guest Reboots

Daniel P. Berrange said[1] that by Fedora 11 image:Echo-package-16px.pngvirt-viewer will persist and wait for a guest to resume rather than exit when a guest reboots.

  1. http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00004.html

virt-install Wait Indefinitely for Windows Guests

Since Windows reboots during installation, John Levon patched[1] virt-install to wait 120 minutes while installing a Windows guest. After some discussion it was decided it should wait indefinitely instead.

  1. http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00005.html

Fedora Virtualization List

This section contains the discussion happening on the fedora-virt list.

Fedora Virt Status Update

Mark McLoughlin composed[1] another informative weekly update on the status of virtualization development in Fedora. Some highlights included:

  • A pvmmu problem casues some guest installs on an F11 Alpha host to oops during heavy network activity (RHBZ #480822)
  • Work has begun on Fedora 11 virtualization release notes.
  • The 0.6.0 release of image:Echo-package-16px.pnglibvirt was not completely without problems.
  • All Fedora 11 virtualization features can be found all together.
  • The KVM/QEmu merge project has settled on a naming scheme.
  • KVM PCI device assignment continues to have issues. The "core of the problem is that devices must be reset before being assigned if they have been previously used in the host."
  • The addition of bzImage loading support to the Xen hypervisor is enabling users to build test Dom0 kernels.
  • A detailed of accounting reveals the bug count going from 191 to 192.
  1. http://www.redhat.com/archives/fedora-virt/2009-February/msg00061.html

Merging KVM and QEmu Packages

A feature[1] in the works for Fedora 11 is a merge of the image:Echo-package-16px.pngkvm package with the image:Echo-package-16px.pngqemu package. Glauber Costa recently took the first step in this process by creating a test build[2] and starting a very long thread[3] on naming of all the subpackages which will soon make up QEmu.

  1. Features/KVM_and_QEMU_merge
  2. http://koji.fedoraproject.org/koji/taskinfo?taskID=1105051
  3. http://www.redhat.com/archives/fedora-virt/2009-February/msg00000.html

Fedora Xen List

This section contains the discussion happening on the fedora-xen list.

bzImage Dom0 Support in Rawhide Xen

Pasi Kärkkäinen announced[1] the lastest image:Echo-package-16px.pngxen builds in Rawhide support bzImage compressed dom0 kernels. Xen previously only supported zImage compressed kernels. This development was one of the preqequisite work items for the Xen pvops Dom0 feature.

This good news was tempered by the fact that there is still no dom0 capable image:Echo-package-16px.pngkernel in Rawhide. However, such a kernel can be built[2] for testing. Gerd Hoffmann reports[3] success doing just that. Such kernels are not yet stable enough for use[4].

  1. http://www.redhat.com/archives/fedora-xen/2009-February/msg00001.html
  2. http://wiki.xensource.com/xenwiki/XenParavirtOps
  3. http://www.redhat.com/archives/fedora-virt/2009-February/msg00027.html
  4. http://www.redhat.com/archives/fedora-virt/2009-February/msg00055.html

Test Dom0 Xen Kernel RPM Available

M A Young built[1] a dom0 capable kernel RPM. It's suitable only for testing; "use it very much at your own risk".

  1. http://www.redhat.com/archives/fedora-xen/2009-February/msg00014.html

Libvirt List

This section contains the discussion happening on the libvir-list.

Fix for Fallout From Failed QEmu Guest Starts

Daniel P. Berrange fixed[1] a series of events which manifested when a QEmu guest failed to start. Subsequent client connections would fail, CPU would rise to 100%, and virsh would hang. (RHBZ #484414)

  1. http://www.redhat.com/archives/libvir-list/2009-February/msg00104.html

sVirt Patches to Merge in libvirt

Daniel J Walsh looked[1] at James Morris sVirt[2] patches for image:Echo-package-16px.pnglibvirt. "James patch, allows libvirt to read the SELinux context out of the xml database and execute image:Echo-package-16px.pngqemu with the context. The second componant [sic] is to pass the context of the image(s) and allow libvirt to not only set the image, but also update the default labels on disk, so a relabel will not change the context." Daniel J Walsh started working on this second component and wondered if they were acceptable for committing to libvirt yet.

Daniel P. Berrange expressed[3] satisfaction with how the patches integrate with libvirt adding "If yourself & James are happy with what they're doing from a SELinux / security model point of view, then there's no reason they shouldn't be posted for final merge now."

  1. http://www.redhat.com/archives/libvir-list/2009-February/msg00144.html
  2. http://fedoraproject.org/wiki/Features/SVirt_Mandatory_Access_Control
  3. http://www.redhat.com/archives/libvir-list/2009-February/msg00145.html

Manage iptables with libvirt

Karl Wirth asked[1] "What if we could flexibly change the iptables rules for the different guests as they are deployed onto the node/host". This thought was not new.[2]

David Lutterkort pointed[3] out some of the thorny problems with this proposal including the fact that "network devices may be directly assigned to guests - in that case, we won't even see any of the packets the guest sends or receives". Summarizing that "iptables management belongs into a higher-level management app, like ovirt[4], not libvirt."

  1. http://www.redhat.com/archives/libvir-list/2009-February/msg00147.html
  2. http://fedoraproject.org/wiki/FWN/Issue138#Libvirt_and_Persistent_Iptables_Rules
  3. http://www.redhat.com/archives/libvir-list/2009-February/msg00152.html
  4. http://ovirt.org/

Reply via email to